Please, I have been trying to configure httpd with no luck. I need following behavior:
- if I access https://example.org/, https://example.org/anything/.../... -> I need proxy to localhost:8080 (tomcat) with preserved hostname "example.org" in http request
ProxyPreserveHost On - if I access https://example.org/api/system-a/... -> I need proxy to external server without preserved hostname "example.org" in http request
ProxyPreserveHost Off
SSL settings, hostname, port, etc. should be the same for both URLs...
I haven't been able to find solution in httpd (in nginx, you just move the directive proxy_set_header Host $host/$proxy_host one level lower from http or server to location section of config, but in httpd, there is no such thing to my knowledge). I havent been able to run 2 vhosts with same server name and port...
Listen 443 https <VirtualHost *:443> ServerName example.org SSLEngine On SSLProxyEngine On ProxyErrorOverride On ProxyPreserveHost On ProxyRequests Off SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyPass /api/system-a/ https://external-domain.example2.org/system-a/ ProxyPassReverse /api/system-a/ https://external-domain.example2.org/system-a/ ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ SSLEngine On SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 +TLSv1.2 SSLCipherSuite HIGH:!aNULL:!MD5 SSLHonorCipherOrder On RequestHeader set X-Forwarded-Proto "https" SSLCompression off SSLSessionTickets Off SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key #websockets RewriteEngine On RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC] RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC] RewriteRule .* ws://localhost:8080%{REQUEST_URI} [P] ProxyPass /websocket/ "ws://localhost:8080/websocket/" ProxyPassReverse /websocket/ "ws://localhost:8080/websocket/" </VirtualHost> 